Free Republic

Experts anxious over possible Net attack
Seattle Post-Intelligencer | Thursday, July 31, 2003 | TED BRIDIS

Posted on 07/31/2003 12:58:41 PM PDT by ValerieUSA

WASHINGTON -- Government and industry experts consider brewing hacker activity a precursor to a broad Internet attack that would target enormous numbers of computers vulnerable from a flaw in Windows software from Microsoft Corp.

Experts described an unusual confluence of conditions that heighten prospects for a serious disruption soon. They cite the high numbers of potential victims and increasingly sophisticated attack tools already tested successfully by hackers in recent days.

The Homeland Security Department cautioned Wednesday that it had detected an "Internet-wide increase in scanning" for victim computers. In an unusually ominous alert, it warned the threat could cause a "significant impact" on the Internet.

Experts advised computer users with renewed urgency to apply a free repairing patch that Microsoft has offered on its Web site since July 16, when it acknowledged that the flaw affected nearly all versions of its flagship Windows operating system software.

An attack could come "any day now," predicted Chris Wysopal of AtStake Inc., a security company in Cambridge, Mass. Another company, Qualys Inc., put the threat at the top of a newly released ranking of the Internet's most severe vulnerabilities.

Alan Paller of the SANS Institute in Bethesda, Md., said a disruption could be worse by orders of magnitude than previous high-profile attacks - such as the summer 2001 outbreak of the "Code Red" virus - because of the numbers of vulnerable systems.

Security companies guarding government and corporate networks have identified sporadic break-in attempts worldwide using such tools and have monitored hackers in discussion groups and chat rooms exchanging tips about how to improve the effectiveness of their programs.

Applying Microsoft's repairing patch takes a few moments for home users but is a more daunting challenge for large corporations with tens of thousands of Windows computers.

"People are definitely aggressively trying to patch this," said Ken Dunham, an analyst at iDefense Inc., an online security company. "But a large rollout may need to take some time."

Researchers' biggest fears - that hackers will quickly unleash automated "worm" software that attacks large numbers of computers within minutes - have so far been unrealized.

"Everybody is predicting a widespread event, going from zero to 60 very quickly," said Dan Ingevaldson, an engineering director for Atlanta-based Internet Security Systems Inc. He estimated the likelihood of a major Internet attack as "closer to imminent than probable."

Depending on the hackers' designs, attack tools could be engineered to disrupt Internet traffic by clogging data pipelines, delete important files or steal sensitive documents. Experts cautioned that a particularly clever hacker could leave little trace of an attack.

Oliver Friedrichs, the senior manager for security response at Symantec Corp., predicted that widespread attacks will not occur soon because hackers still need to resolve important glitches in their own attack tools.

"It is a little early," Friedrichs said. "The exploit needs to be perfected. The effort applied to the exploit is certainly increased, but we're not sure if that's indicative of when we might see a widespread threat. People certainly need to be aware of this."

FBI spokesman Bill Murray said bureau investigators were studying several hacker tools designed so far and were highly concerned about a wide-scale Internet attack. "We implore the private sector - both business and home users - to visit the Microsoft Web site and install the patches and mitigations necessary to prevent this from creating a negative effect on the Internet as a whole," Murray said.

The Microsoft flaw affects Windows technology used to share data files across computer networks. It involves a category of vulnerabilities known as "buffer overflows," which can trick software into accepting dangerous commands.

---

On the Net:

Microsoft warning: www.microsoft.com/security/security-bulletins/ms03-026.asp

Government warning: www.nipc.gov/warnings/advisories/2003/Potential7302003.htm


TOPICS: Business/Economy; Government
KEYWORDS: computers; cybersecurity; hackers; hsd; internet; microsoft; patch; security; technology; warning; windows

1 posted on 07/31/2003 12:58:42 PM PDT by ValerieUSA

To: ValerieUSA
My BlackIce has been going nuts the past few days and I never used to get much activity at all.

All of a sudden my ports are being scanned four or five times an hour and I can't keep up with the addresses to block.
2 posted on 07/31/2003 1:04:01 PM PDT by Bikers4Bush

To: Bikers4Bush
My PC was hit by something/someone and I can't even boot to XP. Lots of strange outside activity lately.
3 posted on 07/31/2003 1:07:31 PM PDT by Sender

To: ValerieUSA
Does anyone know if this patch is applied through windowsupdate.microsoft.com, or does it have to be downloaded separately?

Thanks,

Mark
4 posted on 07/31/2003 1:21:23 PM PDT by MarkL (I didn't claw my way to the top of the foodchain for a salad!)

To: MarkL
I went to the Microsoft web address posted at the end of the article and it went nowhere.
Try this one:

http://www.microsoft.com/security/security_bulletins/ms03-026.asp
5 posted on 07/31/2003 1:25:45 PM PDT by ValerieUSA

To: ValerieUSA
"...enormous numbers of computers vulnerable from a flaw in Windows software from Microsoft Corp."

"...high numbers of potential victims..."

"...a free repairing patch that Microsoft has offered..."

"Microsoft...acknowledged that the flaw affected nearly all versions of its flagship Windows operating system software"

"any day now,"

"Applying Microsoft's repairing patch takes a few moments..."

"...visit the Microsoft Web site and install the patches..."

The Microsoft flaw affects Windows...


Had enough of the virus called Windows?

Then start here.
6 posted on 07/31/2003 1:54:18 PM PDT by SpaceBar

To: SpaceBar
I switched years ago. Try http://www.apple.com to see my platform of choice.
7 posted on 07/31/2003 1:55:59 PM PDT by Elliott Jackalope (Formerly Billy_bob_bob)

To: ValerieUSA
Microsoft products are based on lousy source code.

I thank God daily that I don't have to support their products.

This is from their own site:

Microsoft Technet:
HotFix & Security Bulletin Service

July 2003


MS03-031 : Cumulative Patch for Microsoft SQL Server (815495)
MS03-030 : Unchecked Buffer in DirectX Could Enable System Compromise (819696)
MS03-029 : Flaw in Windows Function Could Allow Denial of Service (823803)
MS03-028 : Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (816456)
MS03-027 : Unchecked Buffer in Windows Shell Could Enable System Compromise (821557)
MS03-026 : Buffer Overrun In RPC Interface Could Allow Code Execution (823980)
MS03-025 : Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)
MS03-024 : Buffer Overrun in Windows Could Lead to Data Corruption (817606)
MS03-023 : Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

June 2003


MS03-022 : Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)
MS03-021 : Flaw In Windows Media Player May Allow Media Library Access (819639)
MS03-020 : Cumulative Patch for Internet Explorer (818529)

May 2003


MS03-019 : Flaw in ISAPI extension for Windows Media Services could cause denial of service (817772)
MS03-018 : Cumulative Patch for Internet Information Service (811114)
MS03-017 : Flaw in Windows Media Player Skins Downloading Could Allow Code Execution (817787)

April 2003


MS03-016 : Cumulative Patch for BizTalk Server (815206)
MS03-015 : Cumulative Patch for Internet Explorer (813489)
MS03-014 : Cumulative Patch for Outlook Express (330994)
MS03-013 : Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)
MS03-012 : Flaw In Winsock Proxy Service And ISA Firewall Service Can Cause Denial Of Service (331066)
MS03-011 : Flaw in Microsoft VM Could Enable System Compromise (816093)

March 2003


MS03-010 : Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks (331953)
MS03-009 : Flaw in ISA Server DNS intrusion detection filter can cause Denial of Service (331065)
MS03-008 : Flaw in Windows Script Engine could allow code execution (814078)
MS03-007 : Unchecked Buffer In Windows Component Could Cause Server Compromise (815021)

February 2003


MS03-006 : Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709)
MS03-005 : Unchecked Buffer in Windows Redirector Could Allow Privilege Elevation (810577)
MS03-004 : Cumulative Patch for Internet Explorer (810847)

January 2003


MS03-003 : Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure (812262)
MS03-002 : Cumulative Patch for Microsoft Content Management Server (810487)
MS03-001 : Unchecked Buffer in Locator Service Could Lead to Code Execution (810833)

December 2002


MS02-072 : Unchecked Buffer in Windows Shell Could Enable System Compromise (Q329390)
MS02-071 : Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310)
MS02-070 : Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
MS02-069 : Flaw in Microsoft VM Could Enable System Compromise (810030)
MS02-068 : Cumulative Patch for Internet Explorer (324929)
MS02-067 : E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)

November 2002


MS02-066 : Cumulative Patch for Internet Explorer (Q328970)
MS02-065 : Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)

October 2002


MS02-064 : Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)
MS02-063 : Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)
MS02-062 : Cumulative Patch for Internet Information Service (Q327696)
MS02-061 : Elevation of Privilege in SQL Server Web Tasks (Q316333)
MS02-060 : Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940)
MS02-059 : Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure (Q330008)
MS02-058 : Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)
MS02-057 : Flaw in Services for Unix 3.0 Interix SDK Could Allow Code Execution (Q329209)
MS02-056 : Cumulative Patch for SQL Server (Q316333)
MS02-055 : Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)
MS02-054 : Unchecked Buffer in File Decompression Functions Could Lead to Code Execution (Q329048)

September 2002


MS02-053 : Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
MS02-052 : Flaw in Java VM JDBC Classes Could Allow Code Execution (Q329077)
MS02-051 : Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)
MS02-050 : Certificate Validation Flaw Could Enable Identity Spoofing (Q329115)
MS02-049 : Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning (Q326568)

August 2002


MS02-048 : Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172)
MS02-047 : Cumulative Patch for Internet Explorer (Q323759)
MS02-046 : Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)
MS02-045 : Unchecked Buffer in Network Share Provider can lead to Denial of Service (Q326830)
MS02-044 : Unsafe Functions in Office Web Components (Q328130)
MS02-043 : Cumulative Patch for SQL Server (Q316333)
MS02-042 : Flaw in Network Connection Manager Could Enable Privilege Elevation (Q326886)
MS02-041 : Unchecked Buffer in Content Management Server Could Enable Server Compromise (Q326075)

July 2002


MS02-040 : Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise (Q326573)
MS02-039 : Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution (Q323875)
MS02-038 : Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution (Q316333)
MS02-037 : Server Response To SMTP Client EHLO Command Results In Buffer Overrun (Q326322)
MS02-036 : Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation (Q317138)
MS02-035 : SQL Server Installation Process May Leave Passwords on System (Q263968)
MS02-034 : Cumulative Patch for SQL Server (Q316333)

June 2002


MS02-033 : Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273)
MS02-032 : Cumulative Patch for Windows Media Player (Q320920)
MS02-031 : Cumulative Patches for Excel and Word for Windows (Q324458)
MS02-030 : Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
MS02-029 : Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (Q318138)
MS02-028 : Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise (Q321599)
MS02-027 : Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (Q323889)
MS02-026 : Unchecked Buffer in ASP.NET Worker Process (Q322289)

May 2002


MS02-025 : Malformed Mail Attribute Can Cause Exchange 2000 to Exhaust CPU Resources (Q320436)
MS02-024 : Authentication Flaw in Windows Debugger Can Lead to Elevated Privileges (Q320206)
MS02-023 : 15 May 2002 Cumulative Patch for Internet Explorer (Q321232)
MS02-022 : Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (Q321661)

April 2002


MS02-021 : E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804)
MS02-020 : SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)
MS02-019 : Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute (Q321309)
MS02-018 : Cumulative Patch for Internet Information Service (Q319733)
MS02-017 : Unchecked Buffer in the Multiple UNC Provider Could Enable Code Execution (Q311967)
MS02-016 : Opening Group Policy Files for Exclusive Read Blocks Policy Application (Q318593)

March 2002


MS02-015 : 28 March 2002 Cumulative Patch for Internet Explorer
MS02-014 : Unchecked Buffer in Windows Shell Could Lead to Code Execution
MS02-013 : 04 March 2002 Cumulative VM Update

February 2002


MS02-012 : Malformed Data Transfer Request Can Cause Windows SMTP Service to Fail
MS02-011 : Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service
MS02-010 : Unchecked Buffer in ISAPI Filter Could Allow Commerce Server Compromise
MS02-009 : Incorrect VBScript Handling in IE Can Allow Web Pages to Read Local Files
MS02-008 : XMLHTTP Control Can Allow Access to Local Files
MS02-007 : SQL Server Remote Data Source Function Contain Unchecked Buffers
MS02-006 : Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
MS02-005 : 11 February 2002 Cumulative Patch for Internet Explorer
MS02-004 : Unchecked Buffer in Telnet Server Could Lead to Arbitrary Code Execution
MS02-003 : Exchange 2000 System Attendant Incorrectly Sets Remote Registry Permissions
MS02-002 : Malformed Network Request Can Cause Office v. X for Mac to Fail

January 2002


MS02-001 : Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data

December 2001


MS01-060 : SQL Server Text Formatting Functions Contain Unchecked Buffers
MS01-059 : Unchecked Buffer in Universal Plug and Play Can Lead to System Compromise
MS01-058 : 13 December 2001 Cumulative Patch for IE
MS01-057 : Specially Formed Script in HTML Mail Can Execute in Exchange 5.5 OWA

November 2001


MS01-056 : Windows Media Player .ASF Processor Contains Unchecked Buffer
MS01-055 : 13 November 2001 Cumulative Patch for IE
MS01-054 : Invalid Universal Plug and Play Request Can Disrupt System Operation


October 2001


MS01-053 : Downloaded Applications Can Execute on Mac IE 5.1 for OS X
MS01-052 : Invalid RDP Data Can Cause Terminal Service Failure
MS01-051 : Malformed Dotless IP Address Can Cause Web Page to be Handled in Intranet Zone
MS01-050 : Malformed Excel or PowerPoint Document Can Bypass Macro Security

September 2001


MS01-049 : Deeply-nested OWA Request Can Consume Server CPU Availability
MS01-048 : Malformed Request to RPC Endpoint Mapper Can Cause RPC Service to Fail
MS01-047 : OWA Function Allows Unauthenticated User to Enumerate Global Address List

August 2001


MS01-046 : Access Violation in Windows 2000 IRDA Driver Can Cause System to Restart
MS01-045 : ISA Server H.323 Gatekeeper Service Contains Memory Leak
MS01-044 : 15 August 2001 Cumulative Patch for IIS
MS01-043 : NNTP Service in Windows NT 4.0 and Windows 2000 Contains Memory Leak

July 2001


MS01-042 : Windows Media Player .NSC Processor Contains Unchecked Buffer
MS01-041 : Malformed RPC Request Can Cause Service Failure
MS01-040 : Invalid RDP Data Can Cause Memory Leak in Terminal Services
MS01-039 : Services for Unix 2.0 Telnet and NFS Services Contain Memory Leaks
MS01-038 : Outlook View Control Exposes Unsafe Functionality
MS01-037 : Authentication Error in SMTP Service Could Allow Mail Relaying

June 2001


MS01-036 : Function Exposed via LDAP over SSL Could Enable Passwords to be Changed
MS01-035 : FrontPage Server Extension Sub-Component Contains Unchecked Buffer
MS01-034 : Malformed Word Document Could Enable Macro to Run Automatically
MS01-033 : Unchecked Buffer in Index Server ISAPI Extension Could Enable Web Server Compromise
MS01-032 : SQL Query Method Enables Cached Administrator Connection to be Reused
MS01-031 : Predictable Named Pipes Could Enable Privilege Elevation via Telnet
MS01-030 : Incorrect Attachment Handling in Exchange OWA Can Execute Script

May 2001


MS01-029 : Windows Media Player .ASX Processor Contains Unchecked Buffer
MS01-028 : RTF Document Linked to Template Can Run Macros Without Warning
MS01-027 : Flaws in Web Server Certificate Validation Could Enable Spoofing
MS01-026 : 14 May 2001 Cumulative Patch for IIS
MS01-025 : Index Server Search Function Contains Unchecked Buffer
MS01-024 : Malformed Request to Domain Controller Can Cause Memory Exhaustion
MS01-023 : Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server

April 2001


MS01-022 : WebDAV Service Provider Can Allow Scripts to Levy Requests as User
MS01-021 : Web Request Can Cause Access Violation in ISA Server Web Proxy Service

March 2001


MS01-020 : Incorrect MIME Header Can Cause IE to Execute E-mail Attachment
MS01-019 : Passwords for Compressed Folders are Recoverable
MS01-018 : Visual Studio VB-TSQL Object Contains Unchecked Buffer
MS01-017 : Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard
MS01-016 : Malformed WebDAV Request Can Cause IIS to Exhaust CPU Resources
MS01-015 : IE Can Divulge Location of Cached Content
MS01-014 : Malformed URL Can Cause Service Failure in IIS 5.0 and Exchange 2000

February 2001


MS01-013 : Windows 2000 Event Viewer Contains Unchecked Buffer
MS01-012 : Outlook - Outlook Express VCard Handler Contains Unchecked Buffer
MS01-011 : Malformed Request to Domain Controller Can Cause CPU Exhaustion
MS01-010 : Windows Media Player Skins Files Can Enable Java Code to Execute
MS01-009 : Malformed PPTP Packet Stream Can Cause Kernel Exhaustion
MS01-008 : Malformed NTLMSSP Request Can Enable Code to Run with System Privileges
MS01-007 : Network DDE Agent Requests Can Enable Code to Run in System Context

January 2001


MS01-006 : Invalid RDP Data Can Cause Terminal Server Failure
MS01-005 : Packaging Anomaly Could Cause Hotfixes to be Removed
MS01-004 : Malformed .HTR Request Allows Reading of File Fragments
MS01-003 : Weak Permissions on Winsock Mutex Can Allow Service Failure
MS01-002 : PowerPoint 2000 File Parser Contains Unchecked Buffer
MS01-001 : Web Client Will Perform NTLM Authentication Regardless of Security Settings

December 2000


MS00-100 : Malformed Web Form Submission Vulnerability
MS00-099 : Directory Service Restore Mode Password Vulnerability
MS00-098 : Indexing Service File Enumeration Vulnerability
MS00-097 : Severed Windows Media Server Connection Vulnerability
MS00-096 : SNMP Parameters Vulnerability
MS00-095 : Registry Permissions Vulnerability
MS00-094 : Phone Book Service Buffer Overflow Vulnerability
MS00-093 : Browser Print Template and File Upload via Form Vulnerabilities
MS00-092 : Extended Stored Procedure Parameter Parsing Vulnerability

November 2000


MS00-091 : Incomplete TCP/IP Packet Vulnerability
MS00-090 : .ASX Buffer Overrun and .WMS Script Execution Vulnerabilities
MS00-089 : Domain Account Lockout Vulnerability
MS00-088 : Exchange User Account Vulnerability
MS00-087 : Terminal Server Login Buffer Overflow Vulnerability
MS00-086 : Web Server File Request Parsing Vulnerability
MS00-085 : ActiveX Parameter Validation Vulnerability
MS00-084 : Indexing Services Cross Site Scripting Vulnerability
MS00-083 : Netmon Protocol Parsing Vulnerability

October 2000


MS00-082 : Malformed MIME Header Vulnerability
MS00-081 : New Variant of VM File Reading Vulnerability
MS00-080 : Session ID Cookie Marking Vulnerability
MS00-079 : HyperTerminal Buffer Overflow Vulnerability
MS00-078 : Web Server Folder Traversal Vulnerability
MS00-077 : NetMeeting Desktop Sharing Vulnerability
MS00-076 : Cached Web Credentials Vulnerability
MS00-075 : Microsoft VM ActiveX Component Vulnerability
MS00-074 : WebTV for Windows Denial of Service Vulnerability
MS00-073 : Malformed IPX NMPI Packet Vulnerability
MS00-072 : Share Level Password Vulnerability
MS00-071 : Word Mail Merge Vulnerability
MS00-070 : Multiple LPC and LPC Ports Vulnerabilities

September 2000


MS00-069 : Simplified Chinese IME State Recognition Vulnerability
MS00-068 : OCX Attachment Vulnerability
MS00-067 : Windows 2000 Telnet Client NTLM Authentication Vulnerability
MS00-066 : Malformed RPC Packet Vulnerability
MS00-065 : Still Image Service Privilege Escalation Vulnerability
MS00-064 : Unicast Service Race Condition Vulnerability
MS00-063 : Invalid URL Vulnerability

August 2000


MS00-062 : Local Security Policy Corruption Vulnerability
MS00-061 : Money Password Vulnerability
MS00-060 : IIS Cross-Site Scripting Vulnerabilities
MS00-059 : Java VM Applet Vulnerability
MS00-058 : Specialized Header Vulnerability
MS00-057 : File Permission Canonicalization Vulnerability
MS00-056 : Microsoft Office HTML Object Tag Vulnerability
MS00-055 : Scriptlet Rendering Vulnerability
MS00-054 : Malformed IPX Ping Packet Vulnerability
MS00-053 : Service Control Manager Named Pipe Impersonation Vulnerability

July 2000


MS00-052 : Relative Shell Path Vulnerability
MS00-047 : NetBIOS Name Server Protocol Spoofing Vulnerability
MS00-051 : Excel REGISTER.ID Function Vulnerability
MS00-050 : Telnet Server Flooding Vulnerability
MS00-046 : Cache Bypass Vulnerability
MS00-045 : Persistent Mail-Browser Link Vulnerability
MS00-043 : Malformed E-mail Header Vulnerability
MS00-044 : Absent Directory Browser Argument Vulnerability
MS00-049 : Office HTML Script and IE Script Vulnerabilities
MS00-048 : Stored Procedure Permissions Vulnerability

June 2000


MS00-042 : Active Setup Download Vulnerability
MS00-020 : Desktop Separation Vulnerability
MS00-041 : DTS Password Vulnerability
MS00-040 : Remote Registry Access Authentication Vulnerability
MS00-039 : SSL Certificate Validation Vulnerabilities
MS00-037 : HTML Help File Code Execution Vulnerability
MS00-032 : Protected Store Key Length Vulnerability

May 2000


MS00-038 : Malformed Windows Media Encoder Request Vulnerability
MS00-035 : SQL Server 7.0 Service Pack Password Vulnerability
MS00-036 : ResetBrowser Frame and Host Announcement Frame Vulnerabilities
MS00-029 : IP Fragment Reassembly Vulnerability
MS00-033 : Frame Domain Verification and Unauthorized Cookie Access and Malformed Component Attribute Vulnerabilities
MS00-034 : Office 2000 UA Control Vulnerability
MS00-030 : Malformed Extension Data in URL Vulnerability
MS00-031 : Undelimited .HTR Request and File Fragment Reading via .HTR Vulnerabilities

April 2000


MS00-028 : Server-Side Image Map Components Vulnerability
MS00-027 : Malformed Environment Variable Vulnerability
MS00-026 : Mixed Object Access Vulnerability
MS00-025 : Link View Server-Side Component Vulnerability
MS00-024 : OffloadModExpo Registry Permissions Vulnerability
MS00-023 : Myriad Escaped Characters Vulnerability
MS00-022 : XLM Text Macro Vulnerability

March 2000


MS00-021 : Malformed TCP/IP Print Request Vulnerability
MS00-019 : Virtualized UNC Share Vulnerability
MS00-018 : Chunked Encoding Post Vulnerability
MS00-016 : Malformed Media License Request Vulnerability
MS00-017 : DOS Device in Path Name Vulnerability
MS00-008 : Registry Permissions Vulnerability
MS00-014 : SQL Query Abuse Vulnerability
MS00-015 : Clip Art Buffer Overrun Vulnerability

February 2000


MS00-013 : Misordered Windows Media Services Handshake Vulnerability
MS00-012 : Remote Agent Permissions Vulnerability
MS00-011 : VM File Reading Vulnerability
MS00-010 : Site Wizard Input Validation Vulnerability
MS00-009 : Image Source Redirect Vulnerability
MS00-007 : Recycle Bin Creation Vulnerability

January 2000


MS00-006 : Malformed Hit-Highlighting Argument Vulnerability
MS00-004 : RDISK Registry Enumeration File Vulnerability
MS00-002 : Malformed Conversion Data Vulnerability
MS00-005 : Malformed RTF Control Word Vulnerability
MS00-003 : Spoofed LPC Port Request Vulnerability
MS00-001 : Malformed IMAP Request Vulnerability

December 1999


MS99-060 : HTML Mail Attachment Vulnerability
MS99-061 : Escape Character Parsing Vulnerability
MS99-058 : Virtual Directory Naming Vulnerability
MS99-059 : Malformed TDS Packet Header Vulnerability
MS99-057 : Malformed Security Identifier Request Vulnerability
MS99-056 : Syskey Keystream Reuse Vulnerability
MS99-055 : Malformed Resource Enumeration Argument Vulnerability
MS99-050 : Server-side Page Reference Redirect Vulnerability
MS99-053 : Windows Multithreaded SSL ISAPI Filter Vulnerability
MS99-054 : WPAD Spoofing Vulnerability

November 1999


MS99-052 : Legacy Credential Caching Vulnerability
MS99-051 : IE Task Scheduler Vulnerability
MS99-049 : File Access URL Vulnerability
MS99-048 : Active Setup Control Vulnerability
MS99-047 : Malformed Spooler Request Vulnerability

October 1999


MS99-046 : Improve TCP Initial Sequence Number Randomness
MS99-045 : Virtual Machine Verifier Vulnerability
MS99-044 : Excel SYLK Vulnerability
MS99-043 : Javascript Redirect Vulnerability
MS99-042 : IFRAME ExecCommand Vulnerability

September 1999


MS99-041 : RASMAN Security Descriptor Vulnerability
MS99-040 : Download Behavior Vulnerability
MS99-039 : Domain Resolution and FTP Download Vulnerabilities
MS99-038 : Spoofed Route Pointer Vulnerability
MS99-037 : ImportExportFavorites Vulnerability
MS99-036 : Windows NT 4.0 Does Not Delete Unattended Installation File
MS99-035 : Set Cookie Header Caching Vulnerability
MS99-033 : Malformed Telnet Argument Vulnerability
MS99-034 : Fragmented IGMP Packet Vulnerability

August 1999


MS99-032 : scriptlet.typelib/Eyedog Vulnerability
MS99-031 : Virtual Machine Sandbox Vulnerability
MS99-030 : Office ODBC Vulnerabilities
MS99-029 : Malformed HTTP Request Header Vulnerability
MS99-028 : Terminal Server Connection Request Flooding Vulnerability
MS99-027 : Encapsulated SMTP Address Vulnerability

July 1999


MS99-026 : Malformed Dialer Entry Vulnerability
MS99-025 : Unauthorized Access to IIS Servers through ODBC Data Access with RDS
MS99-024 : Unprotected IOCTLs Vulnerability

June 1999


MS99-023 : Malformed Image Header Vulnerability
MS99-022 : Double Byte Code Page Vulnerability
MS99-021 : CSRSS Worker Thread Exhaustion Vulnerability
MS99-020 : Malformed LSA Request Vulnerability
MS99-019 : Malformed HTR Request Vulnerability

May 1999


MS99-018 : Malformed Favorites Icon Vulnerability
MS99-017 : RAS and RRAS Password Vulnerability
MS99-016 : Malformed Phonebook Entry Vulnerability
MS99-015 : Malformed Help File Vulnerability
MS99-014 : Excel 97 Virus Warning Vulnerabilities
MS99-013 : File Viewers Vulnerability

April 1999


MS99-012 : MSHTML Update Available for Internet Explorer
MS99-011 : DHTML Edit Vulnerability

March 1999


MS99-010 : File Access Vulnerability in Personal Web Server
MS99-009 : Malformed Bind Request Vulnerability
MS99-008 : Windows NT Screen Saver Vulnerability

February 1999


MS99-007 : Taskpads Scripting Vulnerability
MS99-006 : Windows NT Known DLLs List Vulnerability
MS99-005 : BackOffice Server 4.0 Does Not Delete Installation Setup File
MS99-004 : Authentication Processing Error in Windows NT 4.0 Service Pack 4
MS99-003 : IIS Malformed FTP List Request Vulnerability

January 1999


MS99-002 : Word 97 Template Vulnerability
MS99-001 : Exposure in Forms 2.0 TextBox Control that allows data to be read from user's Clipboard

December 1998


MS98-020 : Frame Spoof Vulnerability
MS98-019 : IIS GET Vulnerability
MS98-018 : Excel CALL Vulnerability

November 1998


MS98-017 : Named Pipes Over RPC Vulnerability

October 1998


MS98-016 : Dotless IP Address Issue in Microsoft Internet Explorer 4
MS98-015 : Untrusted Scripted Paste Issue in Microsoft Internet Explorer 4.01

September 1998


MS98-014 : RPC Spoofing Denial of Service on Windows NT
MS98-013 : Internet Explorer Cross Frame Navigate Vulnerability

August 1998


MS98-012 : Updates available for Security Vulnerabilities in Microsoft PPTP
MS98-011 : Window.External JScript Vulnerability in Microsoft Internet Explorer 4.0
MS98-010 : Information on the Back Orifice Program

July 1998


MS98-009 : Windows NT Privilege Elevation Attack
MS98-008 : Long file name Security Issue affecting Microsoft Outlook 98 and Microsoft Outlook Express 4.x
MS98-007 : Potential SMTP and NNTP Denial-of-Service Vulnerabilities
MS98-006 : Potential Denial-of-Service in IIS FTP Server due to Passive Connections
MS98-005 : Unwanted Data Issue with Office 98 for the Macintosh
MS98-004 : Unauthorized ODBC Data Access with RDS and IIS
MS98-003 : File Access Issue with Windows NT Internet Information Server

June 1998


MS98-002 : Error Message Vulnerability Against Secured Internet Servers
MS98-001 : Disabling Creation of Local Groups on a Domain by Non-Administrative Users




8 posted on 07/31/2003 2:38:45 PM PDT by George Smiley (Is the RKBA still a right if you have to get the government's permission before you can exercise it?)

To: George Smiley
MS made a business decision: come up with the product, even if it's less than perfect, and it worked; they dominate the market. If they had waited until they had it perfect, someone else would have beaten them to it, and we would be working with imperfect "Doors" software or something.
9 posted on 07/31/2003 4:33:31 PM PDT by FairOpinion

To: MarkL
I could download it just by going to windowsupdate. So if you go to windowsupdate and run the scan, then download everything it wants you to, you should be OK.

Of course all that is still no substitute for a good firewall, which these days is essential.

I have been using Norton, it's OK, but I still had problems, then someone told me about the one from webroot.com, and now with the combination, I have hardly any attacks, I have virtually everything turned off, except the essentials. It's amazing how much your computer broadcasts on the net.

I am no expert, I have been learning through trial and error.
10 posted on 07/31/2003 4:38:51 PM PDT by FairOpinion

To: FairOpinion
The unfortunates here who do Microsoft told me that they've discovered that the patch is flawed.
11 posted on 08/01/2003 8:44:12 AM PDT by George Smiley (Is the RKBA still a right if you have to get the government's permission before you can exercise it?)

To: ValerieUSA
Bump
12 posted on 08/01/2003 8:50:34 AM PDT by ErnBatavia (Bumperootus!)

To: Bikers4Bush
Don't worry. All your bank's financial information is on huge IBM mainframes which are practically inaccessible to serverhead hackers. We'll survive. Mainframes rule!
13 posted on 08/01/2003 9:11:56 AM PDT by dljordan
